104.16.131.238 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.16.131.238 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• JARM: 29d3fd00029d29d00042d43d00041d5de67cc9954cc85372523050f20b5007

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: cashier.bwin.com.cdn.cloudflare.net sportsapi.bwin.com sportsapi.bwin.com.cdn.cloudflare.net bettingapi.bwin.com.cdn.cloudflare.net pam.bwin.com.cdn.cloudflare.net api.bwin.com.cdn.cloudflare.net api.bwin.com beta-casino.bwin.com promos.bwin.com.cdn.cloudflare.net bchamp.bwin.com.cdn.cloudflare.net virtualgames.bwin.com.cdn.cloudflare.net buxdehude.bwin.com.cdn.cloudflare.net beta-betbuilder.bwin.com.cdn.cloudflare.net bgvcchamp.bwin.com.cdn.cloudflare.net help.bwin.com.cdn.cloudflare.net account.bwin.com.cdn.cloudflare.net api-sports.bwin.com.cdn.cloudflare.net analytics.bwin.com.cdn.cloudflare.net download.bwin.com.cdn.cloudflare.net pam.bwin.com help.bwin.com account.bwin.com www.bwin.com.cdn.cloudflare.net promos.bwin.com www.bwin.com scmedia.bwin.com.cdn.cloudflare.net m.bwin.com social.bwin.com sports.bwin.com poker.bwin.com bwin.com downloadcasino.bwin.com m.bwin.com.cdn.cloudflare.net casino.bwin.com.cdn.cloudflare.net download.bwin.com scmedia.bwin.com analytics.bwin.com casinogames.bwin.com media.bwin.com livebetting.bwin.com.cdn.cloudflare.net livebetting.bwin.com lite.bwin.com casino.bwin.com virtualsports.bwin.com api-sports.bwin.com games.bwin.com promo.bwin.com.cdn.cloudflare.net sports.bwin.com.cdn.cloudflare.net poker.bwin.com.cdn.cloudflare.net promo.bwin.com

Malware Detected on Host

Count: 24 819059dc93d5aad9999ad862710744df63705e6482ca8fa104c2b49b8e7f0a67 941279863ee9a2c2eef288e70c049e2166dc28b89a2d9778dee5f82791fbccdc b037a9cc55d18dd1c50a42e75b8f5aa48a41b090c9c8103f749fc95645929eae c716d3b4d52166225db700c264b494f13183badd8e2859d2439e3b62ad9a27a9 bca8c46f0dc04548f2b3db2bf96df64e8d192826622fa7950c956d97108ee393 e7b103b607c8ed46f3e3fbdbbeaed2d6cc5fb9f5fae1588e3a8f0941c5f8761e de6b2c377dd7c07d5ce3cdb09761935d9595dc928e3c8567d8c899618ad99a9f ea5ed88253674eb6ec65038dd0a44549bdb7e37f76c4dae1ccdaa524059e33bb 9b0a044ba6002e746c60090ae91d49f8d78bf0e9557d4b9551a5d507960b1518 73fa32789f4265a3f40410d1edd31779612f60f6cfaf902b7f7cf1405684f828

Open Ports Detected

2082 2083 2086 2087 443 80 8443 8880

Map

Whois Information

• NetRange: 104.16.0.0 - 104.31.255.255
• CIDR: 104.16.0.0/12
• NetName: CLOUDFLARENET
• NetHandle: NET-104-16-0-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2014-03-28
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/104.16.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-22